Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
Junxiao Shi | 2bea5c4 | 2017-08-14 20:10:32 +0000 | [diff] [blame] | 2 | /* |
Davide Pesavento | 77c5ce8 | 2021-05-07 16:12:02 -0400 | [diff] [blame^] | 3 | * Copyright (c) 2013-2021 Regents of the University of California. |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 4 | * |
| 5 | * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions). |
| 6 | * |
| 7 | * ndn-cxx library is free software: you can redistribute it and/or modify it under the |
| 8 | * terms of the GNU Lesser General Public License as published by the Free Software |
| 9 | * Foundation, either version 3 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY |
| 12 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 13 | * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. |
| 14 | * |
| 15 | * You should have received copies of the GNU General Public License and GNU Lesser |
| 16 | * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see |
| 17 | * <http://www.gnu.org/licenses/>. |
| 18 | * |
| 19 | * See AUTHORS.md for complete list of ndn-cxx authors and contributors. |
| 20 | */ |
| 21 | |
Davide Pesavento | 7e78064 | 2018-11-24 15:51:34 -0500 | [diff] [blame] | 22 | #include "ndn-cxx/security/validator-config.hpp" |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 23 | |
Alexander Afanasyev | 09236c2 | 2020-06-03 13:42:38 -0400 | [diff] [blame] | 24 | #include "ndn-cxx/security/certificate-fetcher-offline.hpp" |
Davide Pesavento | 77c5ce8 | 2021-05-07 16:12:02 -0400 | [diff] [blame^] | 25 | #include "ndn-cxx/security/interest-signer.hpp" |
Davide Pesavento | 7e78064 | 2018-11-24 15:51:34 -0500 | [diff] [blame] | 26 | #include "ndn-cxx/util/dummy-client-face.hpp" |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 27 | |
Davide Pesavento | 7e78064 | 2018-11-24 15:51:34 -0500 | [diff] [blame] | 28 | #include "tests/boost-test.hpp" |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 29 | #include "tests/key-chain-fixture.hpp" |
Alexander Afanasyev | 09236c2 | 2020-06-03 13:42:38 -0400 | [diff] [blame] | 30 | #include "tests/unit/security/validator-config/common.hpp" |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 31 | |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 32 | namespace ndn { |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 33 | namespace security { |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 34 | namespace tests { |
| 35 | |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 36 | using namespace ndn::tests; |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 37 | |
Junxiao Shi | d5827ce | 2016-07-14 20:49:37 +0000 | [diff] [blame] | 38 | BOOST_AUTO_TEST_SUITE(Security) |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 39 | BOOST_FIXTURE_TEST_SUITE(TestValidatorConfig, KeyChainFixture) |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 40 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 41 | // This test only for API, actual tests are in ValidationPolicyConfig and corresponding CertificateFetchers |
| 42 | |
| 43 | BOOST_AUTO_TEST_CASE(Construct) |
| 44 | { |
| 45 | util::DummyClientFace face; |
| 46 | |
| 47 | ValidatorConfig v1(face); |
| 48 | BOOST_CHECK_EQUAL(v1.m_policyConfig.m_isConfigured, false); |
| 49 | |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 50 | ValidatorConfig v2(make_unique<CertificateFetcherOffline>()); |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 51 | BOOST_CHECK_EQUAL(v2.m_policyConfig.m_isConfigured, false); |
| 52 | } |
| 53 | |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 54 | class ValidatorConfigFixture : public KeyChainFixture |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 55 | { |
| 56 | public: |
| 57 | ValidatorConfigFixture() |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 58 | : path(boost::filesystem::path(UNIT_TESTS_TMPDIR) / "security" / "validator-config") |
| 59 | , validator(make_unique<CertificateFetcherOffline>()) |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 60 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 61 | boost::filesystem::create_directories(path); |
| 62 | config = R"CONF( |
| 63 | trust-anchor |
| 64 | { |
| 65 | type any |
| 66 | } |
| 67 | )CONF"; |
| 68 | configFile = (this->path / "config.conf").string(); |
| 69 | std::ofstream f(configFile.c_str()); |
| 70 | f << config; |
| 71 | } |
| 72 | |
| 73 | ~ValidatorConfigFixture() |
| 74 | { |
| 75 | boost::filesystem::remove_all(path); |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 76 | } |
| 77 | |
| 78 | public: |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 79 | const boost::filesystem::path path; |
| 80 | std::string config; |
| 81 | std::string configFile; |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 82 | ValidatorConfig validator; |
| 83 | }; |
| 84 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 85 | BOOST_FIXTURE_TEST_SUITE(Loads, ValidatorConfigFixture) |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 86 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 87 | BOOST_AUTO_TEST_CASE(FromFile) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 88 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 89 | validator.load(configFile); |
| 90 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 91 | |
| 92 | // should reload policy |
| 93 | validator.load(configFile); |
| 94 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 95 | } |
| 96 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 97 | BOOST_AUTO_TEST_CASE(FromString) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 98 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 99 | validator.load(config, "config-file-from-string"); |
| 100 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 101 | |
| 102 | // should reload policy |
| 103 | validator.load(config, "config-file-from-string"); |
| 104 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 105 | } |
| 106 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 107 | BOOST_AUTO_TEST_CASE(FromIstream) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 108 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 109 | std::istringstream is(config); |
| 110 | validator.load(is, "config-file-from-istream"); |
| 111 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 112 | |
| 113 | // should reload policy |
| 114 | std::istringstream is2(config); |
| 115 | validator.load(is2, "config-file-from-istream"); |
| 116 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 117 | } |
| 118 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 119 | BOOST_AUTO_TEST_CASE(FromSection) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 120 | { |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 121 | validator.load(validator_config::tests::makeSection(config), "config-file-from-section"); |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 122 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 123 | |
| 124 | // should reload policy |
Davide Pesavento | 4c1ad4c | 2020-11-16 21:12:02 -0500 | [diff] [blame] | 125 | validator.load(validator_config::tests::makeSection(config), "config-file-from-section"); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 126 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 127 | } |
| 128 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 129 | BOOST_AUTO_TEST_SUITE_END() // Loads |
Zhiyi Zhang | 48becde | 2017-01-05 16:41:38 -0800 | [diff] [blame] | 130 | |
Alexander Afanasyev | 31fd467 | 2018-06-17 13:25:52 -0400 | [diff] [blame] | 131 | |
| 132 | BOOST_FIXTURE_TEST_CASE(ValidateCommandInterestWithDigestSha256, ValidatorConfigFixture) // Bug 4635 |
| 133 | { |
| 134 | validator.load(configFile); |
| 135 | |
Eric Newberry | 1caa634 | 2020-08-23 19:29:08 -0700 | [diff] [blame] | 136 | InterestSigner signer(m_keyChain); |
Alexander Afanasyev | 31fd467 | 2018-06-17 13:25:52 -0400 | [diff] [blame] | 137 | auto i = signer.makeCommandInterest("/hello/world/CMD", signingWithSha256()); |
| 138 | size_t nValidated = 0, nFailed = 0; |
| 139 | |
| 140 | validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 141 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 142 | BOOST_CHECK_EQUAL(nFailed, 0); |
| 143 | |
| 144 | validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 145 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 146 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 147 | |
| 148 | i = signer.makeCommandInterest("/hello/world/CMD", signingWithSha256()); |
| 149 | validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 150 | BOOST_CHECK_EQUAL(nValidated, 2); |
| 151 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 152 | } |
| 153 | |
Eric Newberry | 1caa634 | 2020-08-23 19:29:08 -0700 | [diff] [blame] | 154 | BOOST_FIXTURE_TEST_CASE(ValidateSignedInterest, ValidatorConfigFixture) |
| 155 | { |
| 156 | validator.load(configFile); |
| 157 | |
| 158 | InterestSigner signer(m_keyChain); |
| 159 | Interest i1("/hello/world"); |
| 160 | i1.setCanBePrefix(false); |
| 161 | signer.makeSignedInterest(i1); |
| 162 | size_t nValidated = 0, nFailed = 0; |
| 163 | |
| 164 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 165 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 166 | BOOST_CHECK_EQUAL(nFailed, 0); |
| 167 | |
| 168 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 169 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 170 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 171 | |
| 172 | Interest i2("/hello/world"); |
| 173 | i2.setCanBePrefix(false); |
| 174 | signer.makeSignedInterest(i2, signingWithSha256()); |
| 175 | validator.validate(i2, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 176 | BOOST_CHECK_EQUAL(nValidated, 2); |
| 177 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 178 | } |
| 179 | |
| 180 | BOOST_FIXTURE_TEST_CASE(ValidateCommandInterest, ValidatorConfigFixture) |
| 181 | { |
| 182 | validator.load(configFile); |
| 183 | |
| 184 | InterestSigner signer(m_keyChain); |
| 185 | auto i1 = signer.makeCommandInterest("/hello/world"); |
| 186 | size_t nValidated = 0, nFailed = 0; |
| 187 | |
| 188 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 189 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 190 | BOOST_CHECK_EQUAL(nFailed, 0); |
| 191 | |
| 192 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 193 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 194 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 195 | |
| 196 | auto i2 = signer.makeCommandInterest("/hello/world"); |
| 197 | validator.validate(i2, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 198 | BOOST_CHECK_EQUAL(nValidated, 2); |
| 199 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 200 | } |
Alexander Afanasyev | 31fd467 | 2018-06-17 13:25:52 -0400 | [diff] [blame] | 201 | |
Junxiao Shi | d5827ce | 2016-07-14 20:49:37 +0000 | [diff] [blame] | 202 | BOOST_AUTO_TEST_SUITE_END() // TestValidatorConfig |
| 203 | BOOST_AUTO_TEST_SUITE_END() // Security |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 204 | |
| 205 | } // namespace tests |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 206 | } // namespace security |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 207 | } // namespace ndn |